App.No. 10/782,563 

Amendment Dated: May 11, 2009 

Reply to Office Action of February 20, 2009 



REMARKS/ARGUMENTS 

The Office Action mailed February 20, 2009, has been received and the Examiner's 

comments carefully reviewed. Claims 1-5, 7-11, 14-19, 22 and 23 are rejected. Claims 1, 4, 7, 
10, 14, 16, 18, and 22 are amended. For at least the following reasons, applicants respectfully 
submit that the pending claims are in condition for allowance. 
Claim Rejections Under 35 U.S.C. $ 102 

Claims 1-5, 7-11, 14-19 and 22-23 are rejected under 35 U.S.C. 102(b) as being 
anticipated by U.S. Patent No. 6,460,141 to Olden; Eric M. (hereinafter "Olden"). 
As amended, Claim 1 recites in part: 

• receiving rules from an administration client computing device, the rules 
comprising query criteria for the audience, each rule defined as a unit of 
functionality; 

• storing the received rules in a database; 

• scheduling the compilation of the rules on a predetermined time schedule; 

• using the received rules to determine a membership list of the plurality of users to 
receive the content, the received rules comprising a property query rule, a member of 
rule, and a reports under rule, by: 

o independently generating separate results of the property query rule by 
determining if a property value matches a property of one or more of the 
plurality of users, the determination comprising receiving the separate 
results of the property query rule from a directory service, wherein the 
directory service is separate from the database; 

o independently generating separate results of the member of rule by 

determining if one or more of the plurality of users are a member of a group 
email distribution list; and 

o independently generating separate results of the reports under rule by 

determining if one or more of the plurality of users are located hierarchically 
under another person within an organization structure, the determination 
comprising receiving the separate results of the reports under rule from the 
directory service maintaining the organization structure; and 
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• after independently generating the separate results of each of the property query rule, 
the member of rule, and the reports under rule, compiling the membership list of users 
according to the predetermined schedule by applying one or more conditional logic 
operators to combine the separate results of the property query rule, the separate 
results of the member of rule, and the separate results of the reports under rule; . . . 

Olden Does Not Teach Receiving Property Query and Reports Under Rule Results from a 
Separate Directory Service 

Olden does not teach receiving the results of the "property query" rule and the results of 
the "reports under" rule from a separate directory service. In Olden, rule results are obtained 
from an "Entitlements database." For example, Olden depicts a roundtrip request for content 
using the "Entitlements" database in Figure 30: 
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ClearTrust 
ENTITLEMENTS 
DATABASE 



1. BROWSER REQUEST SECURED CONTENT FROM CT PROTECTED 
WEB SERVER 'A 1 , 

2. CT PLUG-IN CHECKS FOR COOKIE. 

3. BECAUSE THIS !S FIRST AUTHENTICATION, USER PROVIDES 
USERNAME AND PASSWORD. 

4. USER PERMISSIONS CHECKED. 

5. BUILD COOKIE AND SET FOR BROWSER, 

6. WEB USER ACCESSES CT PROTECTED WEB SERVER 'B\ 

7. PLUG-IN ON WEB SERVER B USES COOKIE FOR AUTHENTICATION. 

8. PERMISSIONS ARE CHECKED FOR USER BASED ON CREDENTIALS 
IN COOKIE. 



FIG. 30 

Olden, Figure 30. As illustrated in Figure 30, the roundtrip authentication does not involve 
receiving results from rules from a separate directory service. Olden discloses that authorization 
functions are executed against the database: 
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The plug-ins then start querying the primary authorization server 24 A, 24 B, or 24 C for 
authorization requests. The primary authorization server 24 A, 24 B, or 24 C queries the 
entitlements database 32 for entitlements and responds to the requests from the plug-ins. 

Olden, Col. 5:36-40. Olden receives rule results from data in the entitlements database. 

Accordingly, Olden' s results from an "Entitlements database" do not encompass storing the rules 

in a database and receiving results of a rule from a separate directory service. 

Olden Does Not Teach a Member Of Rule for a Group Email Distribution List 

Olden does not teach a "member of rule determined for a group email distribution list. 

The Office Action equates the "member of rule to a list of users within a group. (Office Action, 

pg. 7.) Olden discloses addition of the users to a group defined within the entitlements database. 

(Olden, Col. 15:12-19.) Olden, however, does not disclose retrieving results from a group email 

distribution list. Moreover, Olden does not determine if a user is a member of a list of users in a 

group email distribution list. Accordingly, Olden' s database holding "user groups" does not 

disclose "determining if one or more of the plurality of users are a member of a group email 

distribution list." 

Olden Does Not Teach a Reports Under Rule 

Olden does not teach a "reports under" rule. For example, Olden does not disclose 
determining if a user is located hierarchically under another person within an organization 
structure. A "reports under" query is structured to find users that are located hierarchically 
under another person. As an example, to find users reporting to "Joe Smith," a query may state: 
User REPORTS UNDER "Joe Smith" 
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In the example above, the rule returns all users that report hierarchically under "Joe 

Smith." The Office Action equates the "reports under" rule to Olden' s disclosure of users, 

administrative groups and realms. For example, Olden states: 

This allows an administrator to more easily assign access rights to a large group of users 
68 without having to assign rights individually. A user 68 can be grouped together into a 
group object 76 . Group objects 76 likewise can be grouped together into a realm object 
78 . 

Olden, Col. 7:44-48; Office Action, pg. 8. Olden discloses membership of users to groups. 
Olden also discloses that "administrative groups" may be hierarchical. For example, Olden 
states: 

Furthermore, administrative groups can be nested. For example, an enterprise can create a 
hierarchical administration structure which allows for a 

grandparent— >parent—>child^grandchild type structure. Additionally, the enterprise can 
avoid being in the business of administration and is able to push administration of 
additional groups down the administration chain. 

Olden, Col. 2 1 : 1 5-2 1 . Olden' s disclosure of a hierarchy of administrative groups, however, 

does not anticipate an ability to query for whether a user is located hierarchically under 

another person within an organization structure. As an example, Olden' s disclosure of 

hierarchical administrative groups suggests that "Admin_SubGroup" may be a child of 

"Admin_ParentGroup." The disclosure of a parent group and sub-group does not teach or 

suggest an ability to query for whether a particular user is located hierarchically under a 

particular person. Accordingly, Olden's disclosure of users, hierarchical administrative groups 

and realms does not teach a "reports under" rule that determines if one or more users are "located 

hierarchically under another person within an organization structure." 

Olden Does Not Teach Combining Results Returned by the Property Query Rule, the 
Member of Rule and the Reports Under Rule 
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Olden does not combine separate results of the "property query" rule, "member of rule 
and "reports under" rule. According to the Office Action, (a) the property query rule is mapped 
to Olden' s search function (Office Action, pg. 6; Olden, Col. 13:37-49), (b) the member of rule 
is mapped to Olden's ability to add users to a group (Office Action, pg. 7; Olden, Col. 15:12-19), 
and (c) the "reports under" rule is mapped to Olden's disclosure of users, groups and realms 
(Office Action, pg. 8; Olden, Col. 7:42-48, Col. 15:26-46, Col. 21:15-21). Later, however, the 
Office Action equates the combining of the results from the rules to disclosure of a "smart rule." 
(Office Action, pg. 9.) Olden discloses a dialog to create a "smart rule": 



Jiu Create new Smart Rule: INT jxj 









Define | 
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rule for | ACCESS j 


property 
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Value 


as | COFf | 
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[ Save j | Cancel f 



FIG. 19 



Olden, Figure 19. Olden's "smart rule" dialog provides a mechanism to enter a property, a 
value, and an operator between them. Olden's "smart rules", however, do not allow for 
"combining" the results generated by the "property query," "member of and "reports under" 
rules. For example, the search results equated to the "property query" results cannot be used in a 
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"smart rule" or by any other mechanism. The "property query" was mapped to the ability to 
search as below: 

In order to find a particular user, group, or realm in the list box, an administrator can 
scroll through the list of entities or use the Search function. In order to use Search, the 
administrator enters the desired name or name fragment in the field, and clicks the Search 
button. If a full name is typed into the Search field, that name will automatically appear at 
the top of the list box. 

Olden, Col. 13:38-43 (Emphasis added.) Olden depicts population of the list box based on the 
search function in Figure 8: 
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FIG. 8 

Olden, Figure 8. Olden populates a list box, but Olden does not disclose later combining the 
contents of the populated list box with any other list. In fact, Olden teaches away from 
combining the users with any other list of users because the list of users is placed into a user 
interface and there is no mechanism suggested for combining the list of users in the user 
interface with a list of users generated by any other rule. Accordingly, Olden' s "smart rules" do 
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not teach "combining" the results generated by the "property query," "member of and "reports 
under" rules. 

Olden Does Not Teach Generating a Compiled Membership Group According to a 
Predetermined Schedule 

Olden does not teach compiling a membership list of users according to a predetermined 
schedule. In rejecting now-amended claim 7, the Office Action equates compiling a membership 
list of users according to a predetermined schedule to periodic synchronization of data. Olden 
discloses synchronizing of data into the "Entitlements database": 

Smart rules essentially build access control lists dynamically based on the properties of 
the users. . . In order for a smart rule to operate against a particular property, the smart 
rule must first be defined in the entitlements database 32 . Then, the properties from the 
customer or employee database can be loaded into the entitlements database 32 , and 
synchronized periodically to keep them up to date. This can be easily done through the 
bulk loading function of the API server 16. 

Olden, Col. 19:12-28; Office Action, pgs. 13-14. Olden discloses periodically moving data 

values from other databases (e.g. a "customer database") into the "entitlements database." Olden 

does not disclose, however, generating a compiled membership list of users according to a 

predetermined schedule. Even if compilation of a "smart rule" corresponded to compilation of 

the property query rule, member of rule and reports under rule (which it does not), Olden does 

not disclose compiling the "smart rules" on a predetermined schedule. Olden discloses 

synchronization of underlying database data periodically. Olden, however, does not compile his 

"smart rules" periodically. Accordingly, Olden's "smart rules" and "synchronization" of data 

into a database does not anticipate or make obvious a scheduled compilation of a property query 

rule, member of rule and reports under rule. 
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Claims are Allowable 

For at least the reasons presented above, Claim 1 is in condition for allowance. Claims 2- 
5, and 7-9 are also allowable as they depend from a valid base claim. 
As amended, Claim 10 recites in part: 

• receive a plurality of rules from the management client device, the rules defining the 
audience, the rules comprising a property query rule, a member of rule and a reports 
under rule; 

• store the received rules in a database; 

• schedule the compilation of the rules on a predetermined time schedule; 

• independently generate separate results for the property query rule that determines if a 
property value matches a property of one or more users stored in a separate directory 
service; 

• independently generate separate results for the member of rule that determines if one 
or more users are within a group email distribution list; and 

• independently generate separate results for the reports under rule that determines if 
one or more users are located hierarchically under another user within the separate 
directory service; 

• compile the rules according to the predetermined time schedule to define the audience 
by combining the separate results of the property query rule, the separate results of 
the member of rule, and the separate results of the reports under rule with conditional 
logical operators; and 

• associate the users of the audience with the content. 

For at least the reasons presented above, Claim 10 is allowable. Claims 1 1, 14-15 are 
also allowable as they depend from a valid base claim. 
As amended, Claim 16 recites in part: 

• receiving a plurality of rules from an administrator client device; 

• storing the received rules in a database; 
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• scheduling the compilation of the rules on a predetermined basis; 

• independently applying the plurality of rules to define an audience to receive the 
content, wherein the audience comprises a list of users, and the plurality of rules 
comprise: 

o a property query rule that independently determines if a property value 
matches a property of users in an organization structure stored in a directory 
service; 

o a member of rule that independently determines if a user is a member of an 
organization structure stored in a group mail distribution list; and 

o a reports under rule that independently determines if a user is located 
hierarchically under another user within an organization structure stored in 
the directory service; 

• compiling the rules according to the predetermined schedule by gathering 
information from the organization structure and the group mail distribution list to 
compile members of the audience wherein the compilation applies conditional 
logic operators to combine the results from the property query rule, the results 
from the member of rule and the results from the reports under rule; and 

For at least the reasons presented above, Claim 16 is allowable. Claims 17-19, 22-23 are 

also allowable as they depend from a valid base claim. 

Conclusion 

In view of the foregoing amendments and remarks, all pending claims are believed to be 
in condition for allowance. Therefore, a Notice of Allowance is respectfully requested. Should 
the Examiner have any further issues regarding this application, the Examiner is requested to 
contact the undersigned agent for the applicants at the telephone number provided below. It is 
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believed that no further fees are due with this Amendment. However, the Commissioner is 
hereby authorized to charge any deficiencies or credit any overpayment with respect to this 
patent application to deposit account number 13-2725. 



Respectfully submitted, 

MERCHANT & GOULD P.C. 
P.O. Box 2903 

Minneapolis, Minnesota 55402-0903 
(303)357-1642 
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